26-Mar-2020
This is primarily a matter of "assistance" and adapted "security measures"; behind this, however, are "classic phishing mails", which are currently circulating in the same way as people on fake pages are asked to enter data such as e-mail addresses, account connections and passwords - and thus to install malware. Special care should be taken with mails from allegedly official authorities with file attachments such as PDF, docx or mp4.
These are supposed to contain supposedly relevant security information, but when downloaded they install malware that encrypts data and thus access to one's own end device such as the company network. This type of phishing via e-mail is still one of the most successful tools used by criminals; the current increase in these attacks represents a global threat.
A few days ago, the attack on the University Hospital in Brno in the Czech Republic became known. The hospital network there was attacked so successfully that it will probably take weeks to restore the original operation. As a result, all computers had to be shut down, operations cancelled and patients transferred to other hospitals. Hospitals, like other critical systems, are among the most "popular" targets, as maintaining their operations is of high social relevance.
Ransomware attacks on healthcare companies affected 764 healthcare providers in 2019 in the United States alone, resulting in 911 outages, which also prevented operations from taking place.
According to Statista, the financial damage from cybercrime in 2017 amounted to billions of US dollars
- USA: 19.4
- France: 7,1
- Germany: 2.6
The fact that at present more and more people with mobile access to corporate and government networks have to work from home is a particular challenge. Capacity problems can lead to reduced system performance - and ultimately to reduced IT security. In order to fully protect laptops and other mobile devices that are linked to the company's own IT, a software-based security suite is ideal, as it does not require the purchase of new hardware or special training for users.
Plot Twist - Hospitals are supposedly no longer a target
In the meantime, there have been additional reports that groups behind Trojans such as Ryuk / Emotet would probably no longer attack hospitals, but on the contrary would provide free encryption systems.
"We always try to avoid hospitals, nursing homes, if it's some local gov - we always do not touch 911 (only occasionally is possible or due to missconfig in their network) . Not only now. If we do it by mistake - we'll decrypt for free." was posted on Twitter.